bundle-audit-results/bundle-audit.json


			
				
				
					
						
						
						
							
							
							{"version":"0.9.1","created_at":"2024-05-02 09:24:51 +0200","results":[{"type":"unpatched_gem","gem":{"name":"sidekiq","version":"7.2.0"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/sidekiq/CVE-2024-32887.yml","id":"CVE-2024-32887","url":"https://github.com/sidekiq/sidekiq/security/advisories/GHSA-q655-3pj8-9fxq","title":"Reflected XSS in Metrics Web Page","date":"2024-04-26","description":"Reflected XSS in Sidekiq Web UI via the `/metrics` HTTP end-point and the\n`substr` query param:\n\n    https://{host}/sidekiq/metrics?substr=foot%22%3E%3Cscript%20src=%22{payload}%22%20/%3E\n","cvss_v2":null,"cvss_v3":5.5,"cve":"2024-32887","osvdb":null,"ghsa":"GHSA-q655-3pj8-9fxq","unaffected_versions":["< 7.2.0"],"patched_versions":[">= 7.2.4"],"criticality":"medium"}}]}
						
						
					
				
				
					
					View Git Blame
					Copy Permalink